I am trying to block access from 1 VLAN to another without disabling InterVLAN routing.
In my access list entry I have the following:
Deny ALL protocols, Source interface LAN; Source Address Network 192.168.8.0/24 (VLAN I wish to block); Destination Address Network 192.168.1.0.
It looks like this should work however hosts from the 192.168.8.0 network can access the 192.168.1.0 network. If I disable InterVLAN routing it blocks traffic between the VLANs as you would expect. In the future I plan to have another VLAN that I do wish to route between VLANs.
Any help would be appreciated,
The IP based ACL of RVS4000 is designed to restrict the traffic between LAN and WAN (bi-direction), but not the inter-VLAN traffic. So the scenario is not supported unfortunately.